The disguise the Trojan wears is unclear, though it does appear to be Symbian-based. All reports agree that in addition to spreading itself the infection logs with a central server in readiness to receive additional instructions.

The Shanghai Daily's report explains that the infection comes embedded in an anti-virus package, but the official notification from the Chinese "National Computer Network Emergency Response Technical Team Center" draws attention to a media player called DuMusicPLayer which it reckons is carrying the Trojan.

The infection does check for, and disable, anti-virus software running on the handset in the same way as the more-advanced desktop viruses. It then sends SMS messages to everyone in the handset address book, containing links to the package, and reports the handset phone number, model and other available details to a remote server.

That server is under investigation by the local authorities, but it's very possible that the miscreants already have a decent list of infected numbers to which they can send commands over the SMS network whenever they want. Those commands could, for example, make the phone call a premium number or premium text service, offering financial reward to the developers.

The only good news is that the infection is so virulent that users rapidly become aware that their phone is infected by all the text messages it suddenly starts sending - a more relaxed version of the same thing would be much harder to detect even if it took proportionally longer to spread.

The best defence against this kind of thing is, of course, a locked-down device with a gatekeeper. Users, in China and elsewhere, always click "continue" in the face of security warnings such as those presented when this infection is received.

As our mobile phones become as prone to infection as our desktop computers, we'll have to decide what price we're prepared to pay for our security before we see a million-strong zombie army in the west. ®